4 steps to a better EHS compliance program

How to map your EHS compliance transformation plan in four basic steps so you can move from a reactive to an interdependent approach

The way your company manages compliance may mean you’re just waiting for a problem to happen. Adapting your compliance management to a proactive, informed, and data-driven approach means you can be aware of what’s required before you face an incident.

In this article, we’ve taken top tips from health and safety veteran Anthony Wareham in his eBook, A handbook for EHS compliance transformation, to give you a simple 4-step blueprint to follow when planning your EHS compliance program transformation.

1. Understand the scale of compliance maturity

Knowing where you’re starting from and what you’re aiming for is the first step in any business transformation.

Consider that your EHS compliance is on a spectrum of organizational maturity, with reactive compliance on the low end and interdependent compliance on the high end.


The scale of reactive to interdependent compliance.

 

Reactive compliance will always be a backwards-looking, issue-driven, break-fix approach that waits for problems to occur in the first instance. This is a dangerous state to be in because there’s no way of assessing when an incident will occur, how bad it will be if it does, or any planning to mitigate incident occurrences.

Interdependent compliance is proactive, looking ahead to address changes in advance and ensure recovery plans are in place to manage the most likely or the highest risk events.

2. Establish your baseline

Start by understanding exactly where you are currently. Avoid being judgmental or ascribing blame. Your current position is a matter of fact and there are only two important takeaways — the true position and the improvements needed. To get a true representation of current status, cast the net wide and review as many levels and functions as possible so you can see where the true lines of communication and accountability lie. It’s important to look both internally and externally, to ensure comprehensive coverage.

 

Internally

Examine the following:

  • Skill levels of individuals
  • Reporting structures
  • Senior health and safety leader’s accessibility to senior officers in the company
  • Employees’ view of the safety process

 

Externally

Seek answers to the following questions:

  • How do you collect information about the external regulatory environment?
  • Is there a formal review process?
  • Have there been regulatory contacts in the past and how where they managed?

 

It’s important to remember that businesses will start at different points along the scale to interdependency — and in the process of planning, may realize that interdependency is too far for them to reach right now. This is an opportunity for honest self-examination, not a means of scoring for admonishment or complacency purposes.

Be candid about the company’s realistic position and potential, and work to those truths when setting your goals and developing your plans.

3. Plan proactively

A comprehensive baseline analysis will identify significant gaps which need to be prioritized. Improvements may need to be staggered to manage critical aspects early, with further improvements later. The following aspects will need to be addressed:

 

Leadership engagement

Absolutely critical is a comprehensive report to board level on a regular basis — biannually at a minimum, but quarterly is best. This should cover at least compliance and performance. In most jurisdictions the CEO is legally responsible for compliance — not the health and safety manager — so they need comprehensive information on the compliance status and upcoming changes.

 

Improvement planning

A plan to fill the gaps identified will be required to get buy-in for resourcing. Resources broadly fall into three categories: administrative effort, expense, and capital. Capital is a long-term issue usually addressed in a fixed financial cycle, but it’s possible to expense smaller costs over the year. There may also be problems that can be resolved with administrative efforts already available. These will often get significant improvements for little initial cost in the short term, so will be a good way of getting the program off the ground. Plan some initial quick successes that can be reinforced in the future. Make sure the plan is SMART (Specific, Measurable, Achievable, Resourced, and Timed).

 

Metrics

Get a process in place to demonstrate progress. Proactive metrics are best, but a sensible mix of both reactive and proactive works well.

4. Establish regular reviews

This links back to leadership engagement and should be embedded in the calendar. Once the process is established, leadership generally becomes more actively engaged in a program and its importance.

Key takeaways for transforming your EHS compliance program

Before you can determine where you want to go you need to establish where you currently are.

Regulatory compliance and a mechanism that scans the external EHS compliance environment is critical, but the process is very much dependent on internal structures, culture, and communication. These need to be optimized before you can start to move up the curve towards interdependency.

Many of the issues can be addressed without large resource allocation, but take time to resolve — especially if there’s a lot of them. They should be broken down into manageable stages, with the highest risks addressed first.

Capital requirements must be highlighted early so the company can budget accordingly. With the right processes in place and leadership’s support, it should be standard operating procedure to proactively monitor upcoming regulatory changes, forecast and implement new requirements, and report on compliance status — to demonstrate continuous improvement.

Learn more about effective EHS compliance program transformation from Enhesa and Anthony Wareham…

Regulatory content and sustainability intelligence

eBook | A handbook for EHS compliance transformation

Download our eBook to learn from Anthony Wareham on how to adopt a risk-based, data-led approach to EHS compliance management.

Regulatory content and sustainability intelligence

Article | How to build a business case for compliance

Anthony Wareham is joined by Keith Serre from Deloitte to discuss how to build an effective business case for compliance.

Regulatory content and sustainability intelligence

Webinar | From compliance to commitment: Prerequisites for a safety culture

Join us on 29 October 2024 for the third webinar featuring Anthony Wareham where we’ll be discussing how to create a compliance culture.

Share